phparanoid 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve vendor risk csrf and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2008-5758 | Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors related to private messages. | [email protected] | 6.8 | 0.16% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5673 | PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors. | [email protected] | 6.5 | 0.35% | 2008-12-19 | 2026-04-23 |
| CVE-2008-5672 | Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages. | [email protected] | 6.8 | 0.13% | 2008-12-19 | 2026-04-23 |